In an age of globalization, local regulation tends to transcend jurisdictional boundaries. Case in point: the European Union’s upcoming General Data Protection Regulation, which is set to take effect May of this year. The impact for businesses operating in Europe is obvious, but the ripple effect felt worldwide is also undeniable.
While the GDPR will undoubtedly raise the bar for data protection standards worldwide, IAPP research estimates that as many as 75,000 data protection officers will be needed to usher in the GDPR globally.
The immediate response has been tremendous. Vendors offering GDPR solutions have flooded the market worldwide as the deadline looms.
The Privacy Advisor recently caught up with TRU Staffing Partners Founder and CEO Jared Coseglia to find out how his company is working to fill the privacy gap identified in many organizations. By providing CISO as a service, TRU works to connect companies that identify a need for professionals with candidates that have both bandwidth and expertise to address the privacy and data protection needs of a company.
“Whenever there is a panic or a deadline looming and you feel underprepared, you need a resource immediately,” he said. Simply put, ahead of GDPR implementation, companies do not have time to go through a three- to six-month hiring cycle, which, in corporate America, is often the case.
While TRU Staffing is based in the U.S., the company services a variety of companies across North America, Europe and Asia. Getting his start in e-discovery and cybersecurity staffing, Coseglia said the company’s expansion into the privacy marketplace came in response to the overwhelming demand.
“We’ve had such crazy demand for privacy talent from our clients in a variety of capacities.” He added, “This privacy pathway, from a career standpoint, has become such an enticing and viable pathway for a lot of people, and that seems to be expatiating itself right now.”
As TRU's website states, the company “maintains a roster of experienced, chief information security officers who have the interest, availability and expertise to parachute in to any organization, assess their current security technology infrastructure, examine and mitigate risk, and advise or execute on cybersecurity policy, data breach, incident response, and more.” Connecting candidates and clients, TRU offers multiple contract models based on the scope of clients’ information security needs.
When Coseglia started sourcing e-discovery in 2002, what he noticed was the demand for staffing far outpaced the supply of professionals. As a recruiter, he said, this reality was great for business but signaled that maybe people didn’t have the representation they needed to make smart career choices.
“The companies don’t know where to get the talent, the talent doesn’t know where to get the jobs, and everybody is fighting over the same people,” he said. “There is real opportunity to make an impact on the community as an agent, which is what we really think our real value proposition is here at TRU.”
With such a variety of privacy and data protection needs spread across companies, Coseglia said it’s important to know how to ask the right questions of the talent but also ask the right questions of the client, particularly in terms of where they are in their privacy maturity model.
“Most of the clients that come to us with this need are looking for one of two profiles of people: Either they are looking for a generalist who can handle all of their privacy problems, or they have a really specific thing done. That generally helps immediately delimit the kinds of talent that were looking for in terms of resources.”
Right now, the breakout is 80 percent of his clients looking to hire someone for shorter-term assignments for augmentation with an expertise in EU privacy law. Coseglia said, “The importance of certification, specifically for the contract hiring process is something so important and so valuable to hiring managers. The first delimiter with all of our contractors is 'What certifications do they have?'”
While he describes privacy as being “on fire” right now, looking ahead six months, Coseglia expects to see a lull in the summer for a variety of reasons, not the least of which is just to see what happens after the GDPR takes effect. He said, “At some point, someone is going to get fined. Once that happens, will that be the incentive for companies who maybe took a look at their risk and decided not to invest as heavily as maybe they should have and start to rethink and hire? Maybe.”
photo credit: noramgood_ Abeja en Macro via photopin (license)